Back to search
CVE-2015-0292
Published: Mar 19, 2015
Modified: Aug 6, 2024
PUBLISHED
Description
Integer underflow in the EVP_DecodeUpdate function in crypto/evp/encode.c in the base64-decoding implementation in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted base64 data that triggers a buffer overflow.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2015:0715
vendor-advisory
DSA-3197
vendor-advisory
USN-2537-1
vendor-advisory
HPSBMU03409
vendor-advisory
FEDORA-2015-4303
vendor-advisory
HPSBMU03380
vendor-advisory
FEDORA-2015-4300
vendor-advisory
73228
vdb-entry
HPSBUX03334
vendor-advisory
RHSA-2015:0716
vendor-advisory
SUSE-SU-2015:0578
vendor-advisory
HPSBMU03397
vendor-advisory
RHSA-2015:0752
vendor-advisory
RHSA-2015:0800
vendor-advisory
1031929
vdb-entry
SSRT102000
vendor-advisory
FEDORA-2015-4320
vendor-advisory
GLSA-201503-11
vendor-advisory
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now